Page 657 of 4090 results (0.022 seconds)

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 2

A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition. Se ha encontrado un fallo en KVM. Cuando era actualizada la entrada de la tabla de páginas de un huésped, vm_pgoff era usado incorrectamente como desplazamiento para obtener el pfn de la página. • https://bugzilla.redhat.com/show_bug.cgi?id=2069793 https://security.netapp.com/advisory/ntap-20230214-0003 https://www.openwall.com/lists/oss-security/2022/04/08/4 https://access.redhat.com/security/cve/CVE-2022-1158 • CWE-416: Use After Free •

CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 1

The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag. El kernel de Linux versiones anteriores a 5.17.2, maneja inapropiadamente los permisos de seccomp. La ruta de código PTRACE_SEIZE permite a atacantes omitir las restricciones previstas al establecer el flag PT_SUSPEND_SECCOMP A flaw was found in the Linux kernel. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag, possibly disabling seccomp. • http://packetstormsecurity.com/files/167386/Kernel-Live-Patch-Security-Notice-LSN-0086-1.html http://packetstormsecurity.com/files/170362/Linux-PT_SUSPEND_SECCOMP-Permission-Bypass-Ptracer-Death-Race.html https://bugs.chromium.org/p/project-zero/issues/detail?id=2276 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.2 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3 https://github.com/torvalds/linux/commit/ee1fee900537b5d9560e9f937402de • CWE-276: Incorrect Default Permissions CWE-862: Missing Authorization •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an attacker to cause a denial of service. The vulnerability is similar to the older CVE-2019-18808. The highest threat from this vulnerability is to system availability. Se ha encontrado un fallo de pérdida de memoria en la función ccp_run_aes_gcm_cmd() del kernel de Linux que permite a un atacante causar una denegación de servicio. La vulnerabilidad es similar a la anterior CVE-2019-18808. • https://access.redhat.com/security/cve/CVE-2021-3764 https://bugzilla.redhat.com/show_bug.cgi?id=1997467 https://github.com/torvalds/linux/commit/505d9dcb0f7ddf9d075e729523a33d38642ae680 https://security-tracker.debian.org/tracker/CVE-2021-3764 • CWE-400: Uncontrolled Resource Consumption CWE-401: Missing Release of Memory after Effective Lifetime •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS. Se ha encontrado una vulnerabilidad en la lógica de la función fs/inode.c:inode_init_owner() del kernel de LInux que permite a usuarios locales crear archivos para el sistema de archivos XFS con una propiedad de grupo no deseada y con los bits de permiso de ejecución de grupo y SGID establecidos, en un escenario en el que un directorio es SGID y pertenece a un determinado grupo y es escribible por un usuario que no es miembro de este grupo. Esto puede conllevar a una concesión de excesivos permisos cuando no deberían concederse. • https://access.redhat.com/security/cve/CVE-2021-4037 https://bugzilla.redhat.com/show_bug.cgi?id=2004810 https://bugzilla.redhat.com/show_bug.cgi?id=2027239 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01ea173e103e https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0fa3ecd87848 https://lists.debian.org/debian-lts-announce/2022/11/msg00001.html https://www.debian.org/security/2022/dsa-5257 • CWE-284: Improper Access Control •

CVSS: 6.7EPSS: 0%CPEs: 77EXPL: 0

In voice service, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330702; Issue ID: DTV03330702. En el servicio de voz, se presenta una posible escritura fuera de límites debido a un desbordamiento del búfer en la región stack de la memoria. • https://corp.mediatek.com/product-security-bulletin/May-2022 • CWE-787: Out-of-bounds Write •